1
22
23 package com.liferay.portal.security.auth;
24
25 import com.liferay.portal.kernel.util.GetterUtil;
26 import com.liferay.portal.kernel.util.ParamUtil;
27 import com.liferay.portal.kernel.util.Validator;
28 import com.liferay.portal.model.Company;
29 import com.liferay.portal.model.CompanyConstants;
30 import com.liferay.portal.model.User;
31 import com.liferay.portal.security.pwd.PwdEncryptor;
32 import com.liferay.portal.service.UserLocalServiceUtil;
33 import com.liferay.portal.util.PortalUtil;
34
35 import javax.servlet.http.HttpServletRequest;
36 import javax.servlet.http.HttpServletResponse;
37
38
43 public class ParameterAutoLogin implements AutoLogin {
44
45 public String[] login(
46 HttpServletRequest request, HttpServletResponse response)
47 throws AutoLoginException {
48
49 try {
50 String login = ParamUtil.getString(request, getLoginParam());
51
52 if (Validator.isNull(login)) {
53 return null;
54 }
55
56 String password = ParamUtil.getString(request, getPasswordParam());
57
58 if (Validator.isNull(password)) {
59 return null;
60 }
61
62 Company company = PortalUtil.getCompany(request);
63
64 String authType = company.getAuthType();
65
66 long userId = 0;
67
68 if (authType.equals(CompanyConstants.AUTH_TYPE_EA)) {
69 userId = UserLocalServiceUtil.getUserIdByEmailAddress(
70 company.getCompanyId(), login);
71 }
72 else if (authType.equals(CompanyConstants.AUTH_TYPE_SN)) {
73 userId = UserLocalServiceUtil.getUserIdByScreenName(
74 company.getCompanyId(), login);
75 }
76 else if (authType.equals(CompanyConstants.AUTH_TYPE_ID)) {
77 userId = GetterUtil.getLong(login);
78 }
79 else {
80 return null;
81 }
82
83 if (userId > 0) {
84 User user = UserLocalServiceUtil.getUserById(userId);
85
86 String userPassword = user.getPassword();
87
88 if (!user.isPasswordEncrypted()) {
89 userPassword = PwdEncryptor.encrypt(userPassword);
90 }
91
92 String encPassword = PwdEncryptor.encrypt(password);
93
94 if (!userPassword.equals(password) &&
95 !userPassword.equals(encPassword)) {
96
97 return null;
98 }
99 }
100
101 String[] credentials = new String[] {
102 String.valueOf(userId), password, Boolean.FALSE.toString()
103 };
104
105 return credentials;
106 }
107 catch (Exception e) {
108 throw new AutoLoginException(e);
109 }
110 }
111
112 protected String getLoginParam() {
113 return _LOGIN_PARAM;
114 }
115
116 protected String getPasswordParam() {
117 return _PASSWORD_PARAM;
118 }
119
120 private static final String _LOGIN_PARAM = "parameterAutoLoginLogin";
121
122 private static final String _PASSWORD_PARAM = "parameterAutoLoginPassword";
123
124 }